` CCPA Compliance Note: The Lookback Period Starts on January 1, 2019 - Clarip Privacy Blog

CCPA Compliance Note: The Lookback Period Starts on January 1, 2019

Is your business ready for the California Consumer Privacy Act (CCPA)? CCPA compliance will bring a range of privacy challenges for companies in 2019 whether they have already prepared for GDPR or not. Now that the calendar has turned to December, there is only a month until the lookback period for the CCPA starts and it is time to begin getting ready.

What is the Lookback Period?

One important aspect to keep in mind with the California privacy law is that the law has a 12 month lookback period for the information that needs to be provided to consumers. In order to meet the expected level of transparency in your privacy policy, your organization really needs to know what is happening with personal data from the start of January 2019. At a minimum, organizations should have a solid grip on what data they are collecting, how it is being used and who it is being shared with (both internally within the organization as well as third-parties).


This information does not need to be disclosed under the law until January 1, 2020. Yet, the sooner that your organization can start preparing for these disclosures, the better off it will be. Companies that postpone their data inventory and mapping until after the lookback period is underway will need to go back and analyze historical data collected by the company, which is tougher than analyzing it as it is coming into the business.

Is Your Business Covered by CCPA?

The law applies to businesses collecting personal information on more than 50,000 consumers, households, or devices annually. It alternatively applies to businesses that have annual gross revenues in excess of $25 million. If your business is doing either, or 50 percent of revenue comes from selling personal data, then it is a covered business and must comply with the CCPA.

The Best Time to Prepare for CCPA is Now!

It has only been six months since California passed the country’s most comprehensive privacy law, yet it is already time to begin ramping up planning for the compliance challenges that you will encounter from it over the next year, as well as investigating available solutions from existing privacy technology.

There are roughly 12 months left before the CCPA goes into effect and as many as 18 months before the California Attorney General will begin enforcement of the law. However, GDPR preparations showed many businesses that it can take more than a year to mature an organization’s privacy practices. Surveys of business and privacy professionals taken around the May GDPR deadline showed that many of them did not expect to be in compliance until the end of the year, seven months after enforcement started. These organizations needed more time – even after the European Union officials gave them a two year gap between the publication of the law and its May 25th start to enforcement.

We are seeing many businesses that have already begun their CCPA compliance preparations. If your organization needs help with enterprise privacy management, please call 1-888-252-5653 for a free demo of our privacy software.

Other Blog Posts on the California Consumer Privacy Act:

Debate Over CCPA Amendment Heats Up as Business Preparations Ramp Up
California AG Holds First Public Forum for CCPA Rulemaking in San Francisco
New Mexico Privacy Bill Copies CCPA – Consumer Information Privacy Act Introduced in NM Legislature
CCPA Rulemaking Public Forums Announced by California Attorney General
A Sale for Valuable Consideration Under California’s CCPA Defined
Consumer Organizations Defend California Consumer Privacy Act (CCPA) in Letter to Legislators
California AG Tells Congress Not to Preempt California Privacy Law
CCPA Privacy Lawsuits Implicated in United States Challenge to Injury Standing in Frank v. Gaos
PWC Survey on CCPA: Enterprise Compliance Expected at 52% by January 1, 2020
California Adopts SB-1121 Amendments to Consumer Privacy Act

Contact Clarip Today for Help with CCPA and GPDR

The Clarip team and data privacy software are prepared to help your organization improve its privacy practices. Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo or speak to a member of the Clarip team.

If your challenge right now is CCPA compliance for your California operations, allow us to show you our CCPA software. From consent management software to offer the option to opt-out of the sale of personal data, to a powerful DSAR Portal to facilitate the right to access and delete, Clarip offers enterprise privacy management at an affordable price.

If you are preparing your European operations for GDPR compliance, we can help through our modular GDPR software. Whether you are looking to start the process with GDPR data mapping software, increase automation in your privacy program with DPIA software, or handle ePrivacy with a cookie consent manager, Clarip has the privacy platform that you need to bolster your program.

Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo and speak to a member of the Clarip team.

The pixel
Show Buttons
Hide Buttons